sameer fakhoury
  • Home
  • CTF Writeups
  • Course Summaries
  • Cyber Reports
  • Articles
  • Event Notes
  • About Me
dist_ribu_tion

dist_ribu_tion

  • @0x1337team - me
💡
FLAG :
  • here I have 2 words to search in @0x1337team - me
    • @0x1337team : the name of the team
    • me : the name of the author → Sameer Fakhoury
  • as we can see we don’t have any other information that will help us in this OSINT question expect the 2 words the question provide, but we can see the title of the question dist_ribu_tion
    • dist_ribu_tion → first getting the underscores _ form it: distribution → second seeing the meaning of distribution is: the way in which something is shared out among a group or spread over an area → that means the flag will be distributed not as a one piece
  1. let’s begin search with @0x1337team on google
      2. image
    1. as we can see I have 2 results → YouTube and LinkedIn → let’s begin with YouTube
  1. open YouTube link → https://www.youtube.com/@0x1337team
      2. image
    1. this seems that this is the team YouTube channel
  1. the first thing ill begin searching is the ABOUT because its easy to search for flags or other related information
    2. image
  1. as we can see there is a text that is suspicious → zLkAweDEzMzd0ZWFtXw== → as we know that's the shape of the end of a base64 text
      2. image
    1. so now we have the end of the flag
  1. lets search more in this page and search for other related information
      2. image
    1. as we can see we have a link → https://linktr.ee/0x1337team, and the title said: communicate with our team → that means they may have other related social media accounts
  1. opening the link → https://linktr.ee/0x1337team
      2. image
    1. this link results that this team have multiple social media accounts → lets open the first link → https://www.linkedin.com/in/leet-team-a57b45278/ that’s pointing on the LinkedIn of the team
      2. image
  1. opening the LinkedIn of the team and search in About part
      2. image
    1. here we got another suspicious text MS5mbGFnXz that seems as a complementary for the last part of the flag that we found let’s save it
  1. now we have two MS5mbGFnXz zLkAweDEzMzd0ZWFtXw== parts of the flag, and I wonder how many parts the flag is ??
    • if we go back to the question title dist_ribu_tion → its seems distributed to three parts and the underscore is the delimiter , we can make a relation that the flag we are searching for is distributed to three parts and we got 2 parts and still have one to find
    • also I have me : the name of the author → Sameer Fakhoury, we didn’t search for it lets begin our search with it … BUT
      • Sameer Fakhoury is a author of this challenge, and as we saw he is also a member in @0x1337team, also the two parts of the flag where in the Aboutsection → that gave us a key to go search for Sameer Fakhoury in LinkedIn in the Aboutsection
  1. search for Sameer Fakhoury in LinkedIn → https://www.linkedin.com/in/sameer-fakhoury-67217426a/ in the Aboutsection
      2. image
      image
    1. yes, we found the third part of the flag
    2. now we have the three parts of the flag → we can now decode them in base64
        3. image
      1. as we know the first search result of the flag we found will be the last part of the flag → zLkAweDEzMzd0ZWFtXw==
      2. and that leaves us with two combination of flags IubGVldGVhbV8MS5mbGFnXzzLkAweDEzMzd0ZWFtXw== and MS5mbGFnXzIubGVldGVhbV8zLkAweDEzMzd0ZWFtXw== → try to decode both of them and get the FLAG
  1. combining and decoding the flag from base64 in cyberchef → https://gchq.github.io/CyberChef/
    • let’s try this combination → IubGVldGVhbV8MS5mbGFnXzzLkAweDEzMzd0ZWFtXw==
      • image
    • as we can see the last part is correct but the first two gave unreadable text let’s switch the order between the first two parts
      • image
    • yes, this text → MS5mbGFnXzIubGVldGVhbV8zLkAweDEzMzd0ZWFtXw== → this gave us the FLAG: flag_leeteam_@0x1337team_
  2. BAU{flag_leeteam_@0x1337team_}

©sameer fakhoury

GitHubLinkedIn